A novel OC-SVM based ensemble learning framework for attack detection in AGC loop of power systems

Abstract

This paper presents a Semi-supervised Learning approach for anomaly detection in the Automatic Generation Control loop of the power systems. The proposed technique is an ensemble method, which employs Gaussian One-class Support Vector Machine, K-Means clustering, and a novel Region Expanding Oversampling technique. Unlike previous research in this field, the proposed method learns from only healthy class data that are readily available in the historical database or can be obtained by offline simulation. The algorithm is proposed keeping in mind that the defenders may not predict the attack sequences ahead in time; hence, the attack instances are not utilised during the training. To validate the proposed method's performance in detecting unseen attacks, apart from general False Data Injection attacks, we have formulated two varieties of intelligently crafted attacks. At first, a coordinated stealthy attack is designed that has the potential to degrade system stability. Secondly, a new financially orientated market operation attack is formulated that induces higher financial settlements for the attacker-preferred generation companies. Finally, the performance of the proposed ensemble method is compared with existing one-class classifiers, which reveals the superiority of the proposed ensemble framework in terms of average geometric accuracy (98.79%), True Positive Rate (98.38%), and True Negative Rate (99.22%).